Banking Blog

Finance Blogs » Banking Blog » Beware banking text messages

Beware banking text messages

By David McMillin ·
Wednesday, December 28, 2011
Posted: 10 am ET

If you use your mobile device for banking, here's a new term you should know: SMiShing. While I was unfamiliar with this word until today, it's something you want to avoid. The term is used to describe identity theft attempts via SMS text messages.

Some account holders at Fifth Third Bank have been recent targets of SMiShing scams, and the bank has posted a notice on its website to warn customers to watch out for suspicious text messages. Here are a few examples of what's been popping up on mobile devices:

  • Fifth Third Bank alert. Debit card locked. Call XXX-XXX-XXXX to unlock it.
  • FifthThirdB MJVA alert 119471. Please call (XXX)XXX-XXXX.
  • Fifth Third B. Message. Your card has been locked. Call XXX-XXX-XXXX to unlock it.

While I like to consider myself a savvy consumer, I have to wonder if I might fall for these alerts. Determining the trustworthiness of text messages certainly seems more challenging than verifying the authenticity of email. I have no spam filter for text messages; they simply appear in the same folder that holds notes from friends and colleagues. Because my debit card is my primary payment method, I'm sure a notification about it would immediately catch my attention.

Research has revealed flaws with mobile applications from some banks, but this is the first time I've been aware of the dangers that exist with text banking. Fifth Third advises account holders that it will never contact them by email, phone or text to request or verify information. In any case like this, it's best to call the number directly on the back of your debit card.

The FDIC recently issued new warnings about the risks of transmitting account information via mobile phones. As banks continue to develop new tools and technologies, you can be sure that identity thieves will race to develop new strategies for outsmarting them. The SMiShing scam at Fifth Third serves as a reminder to be vigilant about protecting your private information.

What do you think? Would you fall victim to a fake text message from what appears to be your bank?

Bankrate wants to hear from you and encourages comments. We ask that you stay on topic, respect other people's opinions, and avoid profanity, offensive statements, and illegal content. Please keep in mind that we reserve the right to (but are not obligated to) edit or delete your comments. Please avoid posting private or confidential information, and also keep in mind that anything you post may be disclosed, published, transmitted or reused.

By submitting a post, you agree to be bound by Bankrate's terms of use. Please refer to Bankrate's privacy policy for more information regarding Bankrate's privacy practices.
David Scott
February 22, 2012 at 7:33 pm

I returned home from a weekend in the Hocking Hills in Ohio to find my bank account had been accessed. The charge said SMSwarehouse and Norton products. I cancelled my card and filed with my bank Huntington in Chillicothe Ohio. The next day the line stated it was an international charge, I'm very careful about transactions and the only one I make via mobile phone is my Sprint bill. I wont make anymore that's for sure.

February 18, 2012 at 9:51 am

Have received some so-called inquires from my bank. Never answer any questions on my account which appear in my email. I print email request and forward copy to bank -- then delete and call bank using the phone number on the back of credit card. No bank EVER asks you to confirm/give information on your account on the internet. The scary thing is that these communications are able to duplicate the letterheads on these emails. Check the bottom of the email -- that will not include the name of the bank or inquirer.

RG Graham
February 15, 2012 at 4:31 pm

This is a similar attack taken to text messages. Several years ago I got an Email from my Credit card company and I called the 800 number on the back of the card - I was told that the web site you visited (by clicking the link in the email) was fraudulent and that the bank was aware that this was going on and was working to shut it down.

Bottom line: Your bank knows who you are and how to contact you by phone or snail mail. They DO NOT send texts or emails. Be a savvy customer and don't fall for these kinds of scams.

February 15, 2012 at 10:13 am

If anything else, just remember this ONE thing; BANKS NEVER ASK YOU TO CLICK ON A LINK IN THE PHISHING EMAIL!!! Even if it looks legit, that's what they want you to think. Just sign into your bank yourself, then you can see if there's anything wrong. I use this process on many emails from my accounts, even from stores. You never know who's out there trying to get their hands on YOUR money!!!

January 27, 2012 at 9:27 pm

Bank of America told my sister to call the # on the back of the card ending in #### and they also used her first name...the whole story is here..

Debra James
December 28, 2011 at 3:02 pm

My recommendation would to be store your bank's customer service phone in your contacts, and only dial that number if you ever receive a "bank text" instructing you to call in. If your account has been flagged then the customer service rep will see it when you call in. Dialing a confirmed customer service number is very similar to only logging in to your account from the bank's website or bank provided app, and not via any links in an email or text.